With the development of the Internet and Next Generation Network (NGN), whose convenient access, gradually improved access speed, easy-to-extend feature, and abundant service functions win favors of the operators and the users. However, people show more and more concerns about security of the Internet and NGN. As the core protocol for NGN, Session Initiation Protocol (SIP) also faces the same challenge in security, for which access authentication is one of the solutions. The existing SIP (RFC 3261) provides a fundamental access authentication approach, i.e., the so-called Digest Authentication.
SIP is featured with simplicity, high extensibility, and tight coupling with Internet applications, by which simple Internet Phone function can be implemented with only 3 messages (INVITE, BYE and ACK). SIP discriminates clients and servers. A client refers to an application program that sends requests to a server and establishes a connection with the server, and is included in a Back-to-Back User Agent (B2B User Agent) and Proxy. A server is an application program that is designed to provide services at client requests and send back a response to the client. There are 4 types of basic servers:
1. B2B User Agent Server: it contacts with the user and sends back a response on behalf of the user on receiving an SIP request.
2. Proxy Server: it is a program that initiates requests on behalf of other clients and serves both as a server and as a client. It can modify the content in an original request message before forwarding the request.
3. Redirect Server: it receives a SIP request, maps the original address in the request into one or more new addresses, and returns it to the client.
4. Registrar Server: it receives registration requests from a client and accomplishes registration of a user address. It is usually necessary for a user terminal program to include both a User Agent Client (UAC) and a User Agent Server (UAS).
The SIP authentication procedure is a stateless Challenge-based mechanism (RFC 3261) similar to the one used in HTTP (Hyper Text Transfer Protocol) which is defined by RFC2617, with the essential idea that the two parties involved in authentication share a user name and an initial key. During the authentication procedure, an authenticating party sends a Challenge to a party to be authenticated which encrypts the user name and the initial key, forms a character string and sends the character string to the authenticating party on receiving the Challenge. The authenticating party obtains a character string by encrypting in the same way the user name and password which it knows, and judges whether the user's password is correct by comparing this character string with that received from the party to be authenticated.
In SIP, an authentication approach of Digest Scheme is used, the flow of which is shown in FIG. 1.
If a UAS (server end) intends to authenticate a UAC (client end), it must send a 401 Unauthorized response which indicates that a client without authorization attempts to access resources or clients that are protected by a password. The 401 Unauthorized response must carry a WWW-Authenticate header field, according to which the UAC displays a user name/key dialog box and sends a request again after an appropriate Authorization header field which carries the authentication information is filled. A registrar server and a redirect server can also use the 401 Unauthorized response to authenticate a UAC.
If a Proxy Server is to authenticate a UAC, it must utilize a 407 Proxy Authentication Required response, which is similar to a 401 and indicates that a client is authenticated by the Proxy Server first and a Proxy-Authenticate header field is carried therein. The UAC can initiate a request again and carry the authentication information in the Proxy-Authorization header field.
When the UAC reinitiates a request on receiving a 401 or 407 response, it usually uses the Call-ID, From header field, and To header field which are identical to those in the previous request, but the sequence number in the Cseq header field is incremented by 1, in other words, requests with the same Call-ID must have incremental Cseq numbers.
That authentication approach provides only the most fundamental access authentication functions, which may have the following drawbacks regarding the network security:
1. The fundamental Digest Authentication Scheme defined in RFC 3261 can only initiate an authentication for a request message from a UAC, but doesn't provide the corresponding authentication scheme for a 401 or 407 response. As the result, a UAC is prone to suffer plain text attacks.
2. Due to the fact that an initial key is used through the RFC 3261 Digest authentication procedure (only the authentication initiated for a Request message from UAC), it may be vulnerable to the dictionary attacks by monitoring and analyzing the (Authorization and Proxy-Authorization) header fields.